CyberBusiness Security Benefit Evaluation

CyberBusiness Security Benefit Evaluation
Product Code: CB-SEC-JUST-01
Qty: Add to Order

There are basic deliverables that are always present in the output from this service. This foundation can be seen below:

  • Security threat environment
    • Organizational experience
      • Trends
      • Costs
      • Vectors
    • Identified requirements
  • Assumptions
    • Information grid
    • Business assumptions
    • Volumetrics
  • Strategic option and projection
    • Max of three (3) proposed scenarios each with:
      • Summary of findings
      • Description
      • Selection criteria
      • Timeframe expectations
      • Cost perspectives:
        • Total cost of acquisition (TCA)
        • Total cost of operation (TCO)
        • Total cost of computing (TCC) 
      • Critical components
        • Success
        • Failure
      • Actionable steps
      • Deployment guide
    • Impact analysis of possible failure points
    • Critical decision points 

Additional deliverables may be added to the output, based on the findings of the specific analysis.

One of the most prevalent challenges today occurs in the communication between security professionals and the executive management at an organization. At the heart of the challenge is the significantly different perspectives of the two groups, coupled with the difficulty in defining the reflective metric that is security. From the security perspective, the safeguarding of organizational assets requires a focus on tactics techniques and procedures (TTP). This viewpoint tends to build on detailed components of detection and response, and results in the selection of hardware, software, and procedural components that address ongoing or emerging threats. There is little or no data available to the frontline security personnel that would allow them to support a reflective metric, such as the absence of a security incursion.

The executive management perspective works on a basis of risk and exposure, cost and benefit. Decisions are made for the organization as a whole using this foundation. This is irrespective of the area within the organization, of which security is only one. Most executives are not conversant with the detailed technical issues of security and asset protection. Since executives focus on the strategic aspects, the tactical details are outside of the normal purview.

The translation of detailed security needs to critical thinking input is lacking in most organizations. A failure in this translation can be very costly for both sides of the security equation. Without a good benefits analysis for executive decision makers, critically needed security components may be delayed or even omitted. Conversely, executive decision-makers have no way of evaluating relative importance of proposed security components. The CyberBusiness Security Benefits Evaluation product provides a clearly defined translation of the technical security requirements and the organizational benefits expected.

The calibration of cost, benefits, risk, exposure, best practices and other critical action items utilizes the SIL heuristic database. This rapidly-growing and evolving database contains millions of reports of actual production information from operating organizations worldwide. The depth of experiential data provides an actuarial foundation for the risk and exposure profile, as well as, a strong comparison basis for the deliverables in this product. 

Engagement Model
Data CollectionFTP and email
Update FrequencySingle
Project Form
ExecutionSingle execution
Output Form
Size Range15-60 pages
MediaElectronic, maximum of 5 hardcopies
Level of DetailCompany and situation specific
Timing and Schedule
Client Time Contribution<10 total hours for data collection
Project Length2-3 weeks
Delivery MechanismRemote meeting with screen display
Contract FormFixed bid
Payment ScheduleDeposit and completion